[PATCH 2/2] network: don't attempt to initialize if non-privileged

Running any of the firewall tools is unsupported when non-root. Rather than attempt to initialize the driver, which will then be unusable, just skip initialization entirely and decline startup. This allows libvirtd to carry on operating with the network driver disabled, while ensuring virtnetworkd will shutdown. Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- src/network/bridge_driver.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index 371bc2bae6..ce69c56464 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -596,6 +596,12 @@ networkStateInitialize(bool privileged, return -1; } + /* Can't manipulate the firewall when non-root */ + if (!privileged) { + ret = VIR_DRV_STATE_INIT_SKIPPED; + goto error; + } + network_driver = g_new0(virNetworkDriverState, 1); network_driver->lockFD = -1; -- 2.45.1